A framework for the development of a personal information security agent
- Authors: Stieger, Ewald Andreas
- Date: 2011
- Subjects: Computer networks -- Security measures , Information storage and retrieval systems , Artificial intelligence
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9803 , http://hdl.handle.net/10948/d1012326 , Computer networks -- Security measures , Information storage and retrieval systems , Artificial intelligence
- Description: Nowadays information is everywhere. Organisations process, store and create information in unprecedented quantities to support their business processes. Similarly, people use, share and synthesise information to accomplish their daily tasks. Indeed, information and information technology are the core of business activities, and a part of daily life. Information has become a crucial resource in today‘s information age and any corruption, destruction or leakage of information can have a serious negative impact on an organisation. Thus, information should be kept safe. This requires the successful implementation of information security, which ensures that information assets are only used, modified and accessed by authorised people. Information security faces many challenges; and organisations still have not successfully addressed them. One of the main challenges is the human element. Information security depends to a large extent on people and their ability to follow and apply sound security practices. Unfortunately, people are often not very security-conscious in their behaviour; and this is the cause of many security breaches. There are a variety of reasons for this such as a lack of knowledge and a negative attitude to security. Many organisations are aware of this; and they attempt to remedy the situation by means of information security awareness programs. These programs aim to educate, train and increase the security awareness of individuals. However, information security awareness programs are not always successful. They are not a once-off remedy that can quickly cure information security. The programs need to be implemented effectively, and they require an ongoing effort. Unfortunately, this is where many organisations fail. Furthermore, changing individuals‘ security behaviour is difficult due to the complexity of factors that influence everyday behaviour. In view of the above, this research project proposes an alternative approach in the form of a personal information security agent. The goal of this agent is to influence individuals to adopt more secure behaviour. There are a variety of factors that need to be considered, in order to achieve this goal, and to positively influence security behaviour. Consequently, this research establishes criteria and principles for such an agent, based on the theory and practice. From a theoretical point of view, a variety of factors that influence human behaviour such as self-efficacy and normative beliefs were investigated. Furthermore, the field of persuasive technology has provided for strategies that can be used by technology to influence individuals. On the practical side, a prototype of a personal information security agent was created and evaluated through a technical software review process. The evaluation of the prototype showed that the theoretical criteria have merit but their effectiveness is largely dependent on how they are implemented. The criteria were thus revised, based on the practical findings. The findings also suggest that a personal information security agent, based on the criteria, may be able to positively influence individuals to be more secure in their behaviour. The insights gained by the research are presented in the form of a framework that makes both theoretical and practical recommendations for developing a personal information security agent. One may, consequently, conclude that the purpose of this research is to provide a foundation for the development of a personal information security agent to positively influence computer users to be more security-conscious in their behavior.
- Full Text:
- Date Issued: 2011
- Authors: Stieger, Ewald Andreas
- Date: 2011
- Subjects: Computer networks -- Security measures , Information storage and retrieval systems , Artificial intelligence
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9803 , http://hdl.handle.net/10948/d1012326 , Computer networks -- Security measures , Information storage and retrieval systems , Artificial intelligence
- Description: Nowadays information is everywhere. Organisations process, store and create information in unprecedented quantities to support their business processes. Similarly, people use, share and synthesise information to accomplish their daily tasks. Indeed, information and information technology are the core of business activities, and a part of daily life. Information has become a crucial resource in today‘s information age and any corruption, destruction or leakage of information can have a serious negative impact on an organisation. Thus, information should be kept safe. This requires the successful implementation of information security, which ensures that information assets are only used, modified and accessed by authorised people. Information security faces many challenges; and organisations still have not successfully addressed them. One of the main challenges is the human element. Information security depends to a large extent on people and their ability to follow and apply sound security practices. Unfortunately, people are often not very security-conscious in their behaviour; and this is the cause of many security breaches. There are a variety of reasons for this such as a lack of knowledge and a negative attitude to security. Many organisations are aware of this; and they attempt to remedy the situation by means of information security awareness programs. These programs aim to educate, train and increase the security awareness of individuals. However, information security awareness programs are not always successful. They are not a once-off remedy that can quickly cure information security. The programs need to be implemented effectively, and they require an ongoing effort. Unfortunately, this is where many organisations fail. Furthermore, changing individuals‘ security behaviour is difficult due to the complexity of factors that influence everyday behaviour. In view of the above, this research project proposes an alternative approach in the form of a personal information security agent. The goal of this agent is to influence individuals to adopt more secure behaviour. There are a variety of factors that need to be considered, in order to achieve this goal, and to positively influence security behaviour. Consequently, this research establishes criteria and principles for such an agent, based on the theory and practice. From a theoretical point of view, a variety of factors that influence human behaviour such as self-efficacy and normative beliefs were investigated. Furthermore, the field of persuasive technology has provided for strategies that can be used by technology to influence individuals. On the practical side, a prototype of a personal information security agent was created and evaluated through a technical software review process. The evaluation of the prototype showed that the theoretical criteria have merit but their effectiveness is largely dependent on how they are implemented. The criteria were thus revised, based on the practical findings. The findings also suggest that a personal information security agent, based on the criteria, may be able to positively influence individuals to be more secure in their behaviour. The insights gained by the research are presented in the form of a framework that makes both theoretical and practical recommendations for developing a personal information security agent. One may, consequently, conclude that the purpose of this research is to provide a foundation for the development of a personal information security agent to positively influence computer users to be more security-conscious in their behavior.
- Full Text:
- Date Issued: 2011
OVR : a novel architecture for voice-based applications
- Authors: Maema, Mathe
- Date: 2011 , 2011-04-01
- Subjects: Telephone systems -- Research , User interfaces (Computer systems) -- Research , Expert systems (Computer science) , Artificial intelligence , VoiceXML (Document markup language) , Application software -- Development
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4671 , http://hdl.handle.net/10962/d1006694 , Telephone systems -- Research , User interfaces (Computer systems) -- Research , Expert systems (Computer science) , Artificial intelligence , VoiceXML (Document markup language) , Application software -- Development
- Description: Despite the inherent limitation of accessing information serially, voice applications are increasingly growing in popularity as computing technologies advance. This is a positive development, because voice communication offers a number of benefits over other forms of communication. For example, voice may be better for delivering services to users whose eyes and hands may be engaged in other activities (e.g. driving) or to semi-literate or illiterate users. This thesis proposes a knowledge based architecture for building voice applications to help reduce the limitations of serial access to information. The proposed architecture, called OVR (Ontologies, VoiceXML and Reasoners), uses a rich backend that represents knowledge via ontologies and utilises reasoning engines to reason with it, in order to generate intelligent behaviour. Ontologies were chosen over other knowledge representation formalisms because of their expressivity and executable format, and because current trends suggest a general shift towards the use of ontologies in many systems used for information storing and sharing. For the frontend, this architecture uses VoiceXML, the emerging, and de facto standard for voice automated applications. A functional prototype was built for an initial validation of the architecture. The system is a simple voice application to help locate information about service providers that offer HIV (Human Immunodeficiency Virus) testing. We called this implementation HTLS (HIV Testing Locator System). The functional prototype was implemented using a number of technologies. OWL API, a Java interface designed to facilitate manipulation of ontologies authored in OWL was used to build a customised query interface for HTLS. Pellet reasoner was used for supporting queries to the knowledge base and Drools (JBoss rule engine) was used for processing dialog rules. VXI was used as the VoiceXML browser and an experimental softswitch called iLanga as the bridge to the telephony system. (At the heart of iLanga is Asterisk, a well known PBX-in-a-box.) HTLS behaved properly under system testing, providing the sought initial validation of OVR. , LaTeX with hyperref package
- Full Text:
- Date Issued: 2011
- Authors: Maema, Mathe
- Date: 2011 , 2011-04-01
- Subjects: Telephone systems -- Research , User interfaces (Computer systems) -- Research , Expert systems (Computer science) , Artificial intelligence , VoiceXML (Document markup language) , Application software -- Development
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4671 , http://hdl.handle.net/10962/d1006694 , Telephone systems -- Research , User interfaces (Computer systems) -- Research , Expert systems (Computer science) , Artificial intelligence , VoiceXML (Document markup language) , Application software -- Development
- Description: Despite the inherent limitation of accessing information serially, voice applications are increasingly growing in popularity as computing technologies advance. This is a positive development, because voice communication offers a number of benefits over other forms of communication. For example, voice may be better for delivering services to users whose eyes and hands may be engaged in other activities (e.g. driving) or to semi-literate or illiterate users. This thesis proposes a knowledge based architecture for building voice applications to help reduce the limitations of serial access to information. The proposed architecture, called OVR (Ontologies, VoiceXML and Reasoners), uses a rich backend that represents knowledge via ontologies and utilises reasoning engines to reason with it, in order to generate intelligent behaviour. Ontologies were chosen over other knowledge representation formalisms because of their expressivity and executable format, and because current trends suggest a general shift towards the use of ontologies in many systems used for information storing and sharing. For the frontend, this architecture uses VoiceXML, the emerging, and de facto standard for voice automated applications. A functional prototype was built for an initial validation of the architecture. The system is a simple voice application to help locate information about service providers that offer HIV (Human Immunodeficiency Virus) testing. We called this implementation HTLS (HIV Testing Locator System). The functional prototype was implemented using a number of technologies. OWL API, a Java interface designed to facilitate manipulation of ontologies authored in OWL was used to build a customised query interface for HTLS. Pellet reasoner was used for supporting queries to the knowledge base and Drools (JBoss rule engine) was used for processing dialog rules. VXI was used as the VoiceXML browser and an experimental softswitch called iLanga as the bridge to the telephony system. (At the heart of iLanga is Asterisk, a well known PBX-in-a-box.) HTLS behaved properly under system testing, providing the sought initial validation of OVR. , LaTeX with hyperref package
- Full Text:
- Date Issued: 2011
- «
- ‹
- 1
- ›
- »